History log of /openssl/crypto/cms/cms_sd.c (Results 1 – 25 of 96)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 7ed6de99 05-Sep-2024 Tomas Mraz

Copyright year updates


Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes


# 391334dd 22-Jul-2024 XZ-X

When calling ASN1_item_i2d () check both returned length and allocated pointer

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewe

When calling ASN1_item_i2d () check both returned length and allocated pointer

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24979)

show more ...


# 6d2a01cd 07-Sep-2023 Bernd Edlinger

Fix error handling in CMS_EncryptedData_encrypt

That caused several memory leaks in case of error.
Also when the CMS object that is created by CMS_EncryptedData_encrypt
is not used i

Fix error handling in CMS_EncryptedData_encrypt

That caused several memory leaks in case of error.
Also when the CMS object that is created by CMS_EncryptedData_encrypt
is not used in the normal way, but instead just deleted
by CMS_ContentInfo_free some memory was lost.

Fixes #21985

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22031)

show more ...


# d7ad09da 20-Oct-2023 Dr. David von Oheimb

CMS and PKCS7: fix handlling of EVP_PKEY_get_size() failure

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@o

CMS and PKCS7: fix handlling of EVP_PKEY_get_size() failure

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22459)

show more ...


# 72a99ef6 13-Oct-2023 Dr. David von Oheimb

CMS_add1_signer(): add missing ERR_raise() calls

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl

CMS_add1_signer(): add missing ERR_raise() calls

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22390)

show more ...


# 00a413e2 06-Sep-2023 Pauli

Check error return from cms_sd_asn1_ctrl() correctly.

Fixes #21986

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged fr

Check error return from cms_sd_asn1_ctrl() correctly.

Fixes #21986

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21988)

show more ...


# da1c088f 07-Sep-2023 Matt Caswell

Copyright year updates


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes


# 85b89a8c 17-Jul-2023 atishkov

Remove redundant check

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@ar

Remove redundant check

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21473)

show more ...


# e077455e 29-Sep-2022 Richard Levitte

Stop raising ERR_R_MALLOC_FAILURE in most places

Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,

Stop raising ERR_R_MALLOC_FAILURE in most places

Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.

There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls or from
the CRYPTO sub-system.

Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)

show more ...


# f69ec4b4 31-Aug-2022 Dr. David von Oheimb

PKCS7: add notes to pkcs7.h.in and minor code cleanup in crypto/{pkcs7,cms}/

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David

PKCS7: add notes to pkcs7.h.in and minor code cleanup in crypto/{pkcs7,cms}/

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18915)

show more ...


# d7d3dae6 27-Jun-2022 Dr. David von Oheimb

CMS: add CMS_SignedData_verify(), a variant of CMS_verify() with extensions

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Rev

CMS: add CMS_SignedData_verify(), a variant of CMS_verify() with extensions

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18667)

show more ...


# 8fc120bd 27-Jun-2022 Dr. David von Oheimb

cms_sd.c: fix style/formatting nits reported check-format.pl

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas

cms_sd.c: fix style/formatting nits reported check-format.pl

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18667)

show more ...


# fecb3aae 03-May-2022 Matt Caswell

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes


Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16
# 07342bad 28-Apr-2021 Viktor Söderqvist

CMS sign digest

CLI changes: New parameter -digest to CLI command openssl cms, to
provide pre-computed digest for use with -sign.

API changes: New function CMS_final_digest(), l

CMS sign digest

CLI changes: New parameter -digest to CLI command openssl cms, to
provide pre-computed digest for use with -sign.

API changes: New function CMS_final_digest(), like CMS_final() but
uses a pre-computed digest instead of computing it from the data.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/15348)

show more ...


# d15d5618 18-Feb-2022 Michael Baentsch

enable CMS sign/verify for provider-implemented PKEYs

We need to handle signatures with and without digest algs
and we generalize the ossl_cms_ecdsa_dsa_sign() function
to other algo

enable CMS sign/verify for provider-implemented PKEYs

We need to handle signatures with and without digest algs
and we generalize the ossl_cms_ecdsa_dsa_sign() function
to other algorithms that are handled in the same way.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17733)

show more ...


# 04bc3c12 06-Aug-2021 Dr. David von Oheimb

Fix malloc failure handling of X509_ALGOR_set0()

Also update and slightly extend the respective documentation and simplify some code.

Reviewed-by: Tomas Mraz <tomas@openssl.org>

Fix malloc failure handling of X509_ALGOR_set0()

Also update and slightly extend the respective documentation and simplify some code.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16251)

show more ...


# 9944df11 06-Aug-2021 Dr. David von Oheimb

asn1/x_algor.c: add internal ossl_X509_ALGOR_from_nid() simplifying code

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17363)


# 2349d7ba 10-Nov-2021 PW Hu

Fix the return check of OBJ_obj2txt

Also update OBJ_nid2obj.pod to document the possible return values.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas

Fix the return check of OBJ_obj2txt

Also update OBJ_nid2obj.pod to document the possible return values.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17005)

show more ...


# ed576acd 21-May-2021 Tomas Mraz

Rename all getters to use get/get0 in name

For functions that exist in 1.1.1 provide a simple aliases via #define.

Fixes #15236

Functions with OSSL_DECODER_, OSSL_ENCODER_,

Rename all getters to use get/get0 in name

For functions that exist in 1.1.1 provide a simple aliases via #define.

Fixes #15236

Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)

show more ...


# 8a734d3a 03-May-2021 Dr. David von Oheimb

CMS_get0_SignerInfos(): Prevent spurious error on cms_get0_signed() failure

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12959)


Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k
# 4189dc37 16-Mar-2021 Dr. David von Oheimb

CMS ESS: Move four internal aux function to where they belong in crypto/cms

Also constify and slightly refactor them.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from ht

CMS ESS: Move four internal aux function to where they belong in crypto/cms

Also constify and slightly refactor them.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14601)

show more ...


# 1751768c 15-Mar-2021 Dr. David von Oheimb

ESS: Export three core functions, clean up TS and CMS CAdES-BES usage

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14601)


Revision tags: openssl-3.0.0-alpha13
# ad57a13b 10-Mar-2021 Richard Levitte

Modify OBJ_nid2sn(OBJ_obj2nid(...)) occurences to use OBJ_obj2txt()

The intention is to allow for OIDs for which libcrypto has no
information, but are still fetchable for OSSL_ALGORITHM

Modify OBJ_nid2sn(OBJ_obj2nid(...)) occurences to use OBJ_obj2txt()

The intention is to allow for OIDs for which libcrypto has no
information, but are still fetchable for OSSL_ALGORITHM
implementations that specify an OID amongst their names.

Fixes #14278

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14498)

show more ...


Revision tags: openssl-3.0.0-alpha12
# f6c95e46 16-Feb-2021 Rich Salz

Add "origin" field to EVP_CIPHER, EVP_MD

Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle

Add "origin" field to EVP_CIPHER, EVP_MD

Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects

Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().

Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.

Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)

show more ...


# 0cfbc828 01-Apr-2021 Tomas Mraz

Deprecate the EVP_PKEY controls for CMS and PKCS#7

Improve the ossl_rsa_check_key() to prevent non-signature
operations with PSS keys.

Do not invoke the EVP_PKEY controls for CM

Deprecate the EVP_PKEY controls for CMS and PKCS#7

Improve the ossl_rsa_check_key() to prevent non-signature
operations with PSS keys.

Do not invoke the EVP_PKEY controls for CMS and PKCS#7 anymore
as they are not needed anymore and deprecate them.

Fixes #14276

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14760)

show more ...


1234